<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html 
     PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
  <title>Class: Yubico</title>
  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
  <meta http-equiv="Content-Script-Type" content="text/javascript" />
  <link rel="stylesheet" href=".././rdoc-style.css" type="text/css" media="screen" />
  <script type="text/javascript">
  // <![CDATA[

  function popupCode( url ) {
    window.open(url, "Code", "resizable=yes,scrollbars=yes,toolbar=no,status=no,height=150,width=400")
  }

  function toggleCode( id ) {
    if ( document.getElementById )
      elem = document.getElementById( id );
    else if ( document.all )
      elem = eval( "document.all." + id );
    else
      return false;

    elemStyle = elem.style;
    
    if ( elemStyle.display != "block" ) {
      elemStyle.display = "block"
    } else {
      elemStyle.display = "none"
    }

    return true;
  }
  
  // Make codeblocks hidden by default
  document.writeln( "<style type=\"text/css\">div.method-source-code { display: none }</style>" )
  
  // ]]>
  </script>

</head>
<body>



    <div id="classHeader">
        <table class="header-table">
        <tr class="top-aligned-row">
          <td><strong>Class</strong></td>
          <td class="class-name-in-header">Yubico</td>
        </tr>
        <tr class="top-aligned-row">
            <td><strong>In:</strong></td>
            <td>
                <a href="../files/yubico_rb.html">
                yubico.rb
                </a>
        <br />
            </td>
        </tr>

        <tr class="top-aligned-row">
            <td><strong>Parent:</strong></td>
            <td>
                Object
            </td>
        </tr>
        </table>
    </div>
  <!-- banner header -->

  <div id="bodyContent">



  <div id="contextContent">



   </div>

    <div id="method-list">
      <h3 class="section-bar">Methods</h3>

      <div class="name-list">
      <a href="#M000006">addClient</a>&nbsp;&nbsp;
      <a href="#M000004">add_key</a>&nbsp;&nbsp;
      <a href="#M000007">deleteClient</a>&nbsp;&nbsp;
      <a href="#M000005">delete_key</a>&nbsp;&nbsp;
      <a href="#M000008">hmac</a>&nbsp;&nbsp;
      <a href="#M000003">last_response</a>&nbsp;&nbsp;
      <a href="#M000001">new</a>&nbsp;&nbsp;
      <a href="#M000002">verify</a>&nbsp;&nbsp;
      </div>
    </div>

  </div>


    <!-- if includes -->

    <div id="section">


    <div id="constants-list">
      <h3 class="section-bar">Constants</h3>

      <div class="name-list">
        <table summary="Constants">
        <tr class="top-aligned-row context-row">
          <td class="context-item-name">E_OK</td>
          <td>=</td>
          <td class="context-item-value">&quot;OK&quot;</td>
          <td width="3em">&nbsp;</td>
          <td class="context-item-desc">
Returned if all is well with the request.

</td>
        </tr>
        <tr class="top-aligned-row context-row">
          <td class="context-item-name">E_REPLAYED_OTP</td>
          <td>=</td>
          <td class="context-item-value">&quot;REPLAYED_OTP&quot;</td>
          <td width="3em">&nbsp;</td>
          <td class="context-item-desc">
Returned if the server has seen that OTP for that key before.

</td>
        </tr>
        <tr class="top-aligned-row context-row">
          <td class="context-item-name">E_BAD_OTP</td>
          <td>=</td>
          <td class="context-item-value">&quot;BAD_OTP&quot;</td>
          <td width="3em">&nbsp;</td>
          <td class="context-item-desc">
Returned if the OTP is invalid or misformed.

</td>
        </tr>
        <tr class="top-aligned-row context-row">
          <td class="context-item-name">E_NO_SUCH_CLIENT</td>
          <td>=</td>
          <td class="context-item-value">&quot;NO_SUCH_CLIENT&quot;</td>
          <td width="3em">&nbsp;</td>
          <td class="context-item-desc">
Returned if such a client doesn&#8216;t exist

</td>
        </tr>
        <tr class="top-aligned-row context-row">
          <td class="context-item-name">E_POLICY_VIOLATION</td>
          <td>=</td>
          <td class="context-item-value">&quot;POLICY_VIOLATION&quot;</td>
          <td width="3em">&nbsp;</td>
          <td class="context-item-desc">
Returned if a specified request violates the rules for the verifier.
Typically this happens when you send an unsigned request but the verifier
is set up to only use signed requests.

</td>
        </tr>
        <tr class="top-aligned-row context-row">
          <td class="context-item-name">E_BAD_SIGNATURE</td>
          <td>=</td>
          <td class="context-item-value">&quot;BAD_SIGNATURE&quot;</td>
          <td width="3em">&nbsp;</td>
          <td class="context-item-desc">
Returned if the signature on the request was invalid.

</td>
        </tr>
        <tr class="top-aligned-row context-row">
          <td class="context-item-name">E_OPERATION_NOT_ALLOWED</td>
          <td>=</td>
          <td class="context-item-value">&quot;OPERATION_NOT_ALLOWED&quot;</td>
          <td width="3em">&nbsp;</td>
          <td class="context-item-desc">
Returned if the operation is not allowed, or otherwise denied.

</td>
        </tr>
        <tr class="top-aligned-row context-row">
          <td class="context-item-name">E_INCORRECT_PARAMATER</td>
          <td>=</td>
          <td class="context-item-value">&quot;INCORRECT_PARAMETER&quot;</td>
          <td width="3em">&nbsp;</td>
          <td class="context-item-desc">
Returned if a parameter is bad or missing, respectively. (Also returns an
&quot;info&quot; field &#8212; needs to be parsed (1) )

</td>
        </tr>
        <tr class="top-aligned-row context-row">
          <td class="context-item-name">E_MISSING_PARAMETER</td>
          <td>=</td>
          <td class="context-item-value">&quot;MISSING_PARAMETER&quot;</td>
        </tr>
        <tr class="top-aligned-row context-row">
          <td class="context-item-name">E_BACKEND_ERROR</td>
          <td>=</td>
          <td class="context-item-value">&quot;BACKEND_ERROR&quot;</td>
          <td width="3em">&nbsp;</td>
          <td class="context-item-desc">
Returned on a Backend Error

</td>
        </tr>
        <tr class="top-aligned-row context-row">
          <td class="context-item-name">E_MISSING_SECRET</td>
          <td>=</td>
          <td class="context-item-value">&quot;MISSING_SECRET&quot;</td>
          <td width="3em">&nbsp;</td>
          <td class="context-item-desc">
Returned when the object is constructed without a shared key, on requests
that require the shared key.

</td>
        </tr>
        <tr class="top-aligned-row context-row">
          <td class="context-item-name">E_UNKNOWN_ERROR</td>
          <td>=</td>
          <td class="context-item-value">&quot;UNKNOWN_ERROR&quot;</td>
          <td width="3em">&nbsp;</td>
          <td class="context-item-desc">
Returned on an unknown error server side.

</td>
        </tr>
        </table>
      </div>
    </div>



    <div id="attribute-list">
      <h3 class="section-bar">Attributes</h3>

      <div class="name-list">
        <table>
        <tr class="top-aligned-row context-row">
          <td class="context-item-name">_id</td>
          <td class="context-item-value">&nbsp;[RW]&nbsp;</td>
          <td class="context-item-desc">
The requested client or verifier ID for the instance of the object.

</td>
        </tr>
        <tr class="top-aligned-row context-row">
          <td class="context-item-name">_key</td>
          <td class="context-item-value">&nbsp;[RW]&nbsp;</td>
          <td class="context-item-desc">
The shared key, if required, for the client or verifier.

</td>
        </tr>
        <tr class="top-aligned-row context-row">
          <td class="context-item-name">_res</td>
          <td class="context-item-value">&nbsp;[RW]&nbsp;</td>
          <td class="context-item-desc">
The response from the server.

</td>
        </tr>
        </table>
      </div>
    </div>
      


    <!-- if method_list -->
    <div id="methods">
      <h3 class="section-bar">Public Class methods</h3>

      <div id="method-M000001" class="method-detail">
        <a name="M000001"></a>

        <div class="method-heading">
          <a href="Yubico.src/M000001.html" target="Code" class="method-signature"
            onclick="popupCode('Yubico.src/M000001.html');return false;">
          <span class="method-name">new</span><span class="method-args">(id, key='')</span>
          </a>
        </div>
      
        <div class="method-description">
          <p>
Initialization is used to create the instance variables at creation.
Yubikey.new requires in the least an ID, and also takes a shared key.
</p>
        </div>
      </div>

      <h3 class="section-bar">Public Instance methods</h3>

      <div id="method-M000006" class="method-detail">
        <a name="M000006"></a>

        <div class="method-heading">
          <a href="Yubico.src/M000006.html" target="Code" class="method-signature"
            onclick="popupCode('Yubico.src/M000006.html');return false;">
          <span class="method-name">addClient</span><span class="method-args">()</span>
          </a>
        </div>
      
        <div class="method-description">
          <p>
Unimplemented
</p>
        </div>
      </div>

      <div id="method-M000004" class="method-detail">
        <a name="M000004"></a>

        <div class="method-heading">
          <a href="Yubico.src/M000004.html" target="Code" class="method-signature"
            onclick="popupCode('Yubico.src/M000004.html');return false;">
          <span class="method-name">add_key</span><span class="method-args">( id, nonce )</span>
          </a>
        </div>
      
        <div class="method-description">
          <p>
Requests <a href="Yubico.html#M000004">add_key</a> information from the
server and returns all the information required to encode a Yubikey. This
command will create a <a href="Yubico.html#M000001">new</a> key on request,
so standard practice should be very secure and sure before this is called.
</p>
<pre>
  if( user.created? )
    user.keyflag = yk.add_key( @_id, timestamp )
    user.keydata = yk.last_response
  end
    # =&gt;
</pre>
        </div>
      </div>

      <div id="method-M000007" class="method-detail">
        <a name="M000007"></a>

        <div class="method-heading">
          <a href="Yubico.src/M000007.html" target="Code" class="method-signature"
            onclick="popupCode('Yubico.src/M000007.html');return false;">
          <span class="method-name">deleteClient</span><span class="method-args">()</span>
          </a>
        </div>
      
        <div class="method-description">
          <p>
Unimplemented
</p>
        </div>
      </div>

      <div id="method-M000005" class="method-detail">
        <a name="M000005"></a>

        <div class="method-heading">
          <a href="Yubico.src/M000005.html" target="Code" class="method-signature"
            onclick="popupCode('Yubico.src/M000005.html');return false;">
          <span class="method-name">delete_key</span><span class="method-args">( id, key_id, nonce )</span>
          </a>
        </div>
      
        <div class="method-description">
          <p>
Signed request that deletes key <tt>key_id</tt> from the server, with the
client ID <tt>id</tt> and passes <tt>nonce</tt> as the request nonce.
</p>
        </div>
      </div>

      <div id="method-M000008" class="method-detail">
        <a name="M000008"></a>

        <div class="method-heading">
          <a href="Yubico.src/M000008.html" target="Code" class="method-signature"
            onclick="popupCode('Yubico.src/M000008.html');return false;">
          <span class="method-name">hmac</span><span class="method-args">( key, msg, algorithm )</span>
          </a>
        </div>
      
        <div class="method-description">
          <p>
Takes the OTP, shared key, and ID, creates the RFC3339 timestamp, and
returns the hash.
</p>
<pre>
  hash = yubikey_object.signKey( @otp, @shared, @id )
    # =&gt; &quot;39ccb32d95edfdbcd882f2b01809724ec640ea16&quot;
</pre>
        </div>
      </div>

      <div id="method-M000003" class="method-detail">
        <a name="M000003"></a>

        <div class="method-heading">
          <a href="Yubico.src/M000003.html" target="Code" class="method-signature"
            onclick="popupCode('Yubico.src/M000003.html');return false;">
          <span class="method-name">last_response</span><span class="method-args">()</span>
          </a>
        </div>
      
        <div class="method-description">
          <p>
Return the last available Yubikey response body, in full, for parsing.
</p>
<pre>
  req = yk.verify( @token, @_id )
  res = req.last_response
    # =&gt; &quot;h=...\nstatus=OK&quot;
</pre>
<p>
On an error, there will be many fields returned by this function you can
sift out manually using regular expressions (to be implemented: <a
href="Yubico.html#M000003">last_response</a> returns an associative array
of the response.) for various variables.
</p>
<pre>
  req = yk.verify( @token, @_id )
    # =&gt; &quot;h=Z/D42NucC1nSlIVZqFPR3RO5dG4=\r\nt=2007-10-23T14:26:48Z\r\nstatus=REPLAYED_OTP\r\n\r\n&quot;
  res = yk.last_response
  res[&quot;h&quot;]
    # =&gt; &quot;h=Z/D42NucC1nSlIVZqFPR3RO5dG4=&quot;
  res[&quot;t&quot;]
    # =&gt; &quot;2007-10-23T14:26:48Z&quot;
  res[&quot;status&quot;]
    # =&gt; &quot;REPLAYED_OTP&quot;
  res[&quot;info&quot;]
    # =&gt; nil
</pre>
        </div>
      </div>

      <div id="method-M000002" class="method-detail">
        <a name="M000002"></a>

        <div class="method-heading">
          <a href="Yubico.src/M000002.html" target="Code" class="method-signature"
            onclick="popupCode('Yubico.src/M000002.html');return false;">
          <span class="method-name">verify</span><span class="method-args">( otp, id = @_id )</span>
          </a>
        </div>
      
        <div class="method-description">
          <p>
Verify an Yubikey OTP Token. Returns the value of the response variable
&quot;status&quot;
</p>
<pre>
  req = yk.verify( @token, @id )
    # =&gt; STATUS_VARIABLE
</pre>
<p>
Upon an error, you should use the Yubikey.last_response method for a more
detailed collection of variables, including the request hash, info and
further.
</p>
        </div>
      </div>


    </div>


  </div>


<div id="validator-badges">
  <p><small><a href="http://validator.w3.org/check/referer">[Validate]</a></small></p>
</div>

</body>
</html>